Description

[0001] The present invention relates to a wireless Local Area Network (LAN) system. More particularly, the present
invention relates to a method of guaranteeing a user's anonymity and a wireless LAN system therefor, by using a
temporary address generated from a unique Media Access Control (MAC) address as a source address or a destination
address.

[0002] Generally, a wireless LAN system consists of an ad hoc network where a plurality of terminals, each of which
includes a wireless Network Interface Card (NIC), are connected to each other and independently to wired LANs, and
an infrastructure network where wireless terminals are connected to wired LANs through wireless access nodes. In an
infrastructure network, a wireless cell Basic Service Set (BSS) is formed centering on one wireless access node. The
wireless access node has the same functionality as a cellular phone station and connects all wireless terminals in the
BSS to a LAN.

[0003] FIG. 1 illustrates a conceptual scheme showing the structure of a wireless LAN system of a general infrastructure
network. A wireless LAN system as shown in FIG. 1 consists of a wireless access node 11 and four wireless terminals
13, 15, 17, and 19. The wireless access node 11 is connected to a wired network, such as very-high-speed Internet
lines or private lines, and performs access arbitration between wireless terminals. The four wireless terminals 13, 15,
17, and 19 form a BSS and include wireless LAN cards respectively. The wireless LAN cards installed respectively in
the first to fourth wireless terminals 13, 15, 17, and 19 have MAC addresses MAC Addr1 to MAC Addr4 corresponding
to the first to fourth wireless terminals 13, 15, 17, and 19.

[0004] The unique MAC addresses MAC Addr1 to MAC Addr4 allocated to the respective wireless LAN cards of the
first to fourth wireless terminals 13, 15, 17, and 19 are used as source addresses or destination addresses when sending
and receiving data packets between the first through fourth wireless terminals 13, 15, 17, and 19 through the wireless
access node 11. That is, to transmit a data packet (for example, a protocol data unit (PDU)) to one wireless terminal
among the first to fourth wireless terminals 13, 15, 17, and 19, the wireless access node 11 sends transmission frames
12, 14, 16, and 18, each of which contains a unique MAC address (i.e., a MAC address among the first to fourth MAC
addresses MAC Addr1 to MAC Addr4) of a wireless terminal representing the destination address. The address is placed
in the header of the data packet (PDU) to be transmitted. On the other hand, each of the first to fourth wireless terminals
13, 15, 17, and 19 compares the MAC address corresponding thereto with the destination addresses contained in the
headers of the transmission frames 12, 14, 16, and 18 sent from the wireless access node 11. If a destination address
is identical to the MAC address corresponding to a wireless terminal, the corresponding wireless terminal accepts the
frame. If no match is made, the frame is dropped.

[0005] MAC addresses used for data communication between wireless terminals through wireless access nodes are
unique values allocated upon manufacturing wireless LAN cards. The MAC address does not vary and is not encoded.
Accordingly, MAC addresses are exposed during data communication, so that the anonymity of a user using a corresponding
MAC address cannot be guaranteed. Thus, a user using the corresponding MAC address may be easily tracked. That
is, by merely monitoring unique MAC addresses, private user information about network access state, network access
time, etc., may be leaked, and more seriously, if any unique MAC address is exposed, a greater risk exists of malicious
users eavesdropping at the link layer. Further, the possibility of attacks on encryption channels increases under
long-running monitoring.

[0006] As described above, since it is necessary to guarantee a user's anonymity so that information about a user of
a wireless LAN system is not leaked to parties other than a permitted entity, the conventional wireless LAN system of
the infrastructure network has many security problems.

[0007] According to a feature of an embodiment of the present invention, there is provided a method of guaranteeing
users' anonymity in a wireless LAN system, the method comprising: (a) creating a plurality of temporary address sets,
each of which corresponds to a unique Media Access Control (MAC) address of a wireless terminal, and transmitting
each temporary address set to the corresponding wireless terminal, and (b) performing data packet transmissions
between a wireless terminal and a wireless access node using a temporary address selected from the temporary address
set corresponding to the wireless terminal as a source address or a destination address.

[0008] In the method above, the wireless access node may create the temporary address sets, each of which preferably
consists of N (where N is an integer greater than or equal to two) temporary addresses using a MAC address contained
in an access or authentication request message transmitted from a corresponding wireless terminal.

[0009] In the method above, in (a), the wireless access node may encode the temporary address sets using a
predetermined encryption key for each temporary address set, and may respectively transmit the encoded temporary address
sets to the corresponding wireless terminals. Each encryption key may be created upon authentication of the
corresponding wireless terminal.

[0010] In the method above, (b) may further include (b1) a first addressing, which is performed in the wireless access
node, and generates a temporary address as a destination address randomly selected from the temporary address set
corresponding to a wireless terminal that is requesting authentication. Also, (b) may include (b2) a second addressing,
which is performed in the wireless terminal, and generates a temporary address as a source address randomly selected
from the temporary address set corresponding to the wireless terminal.

[0011] According to another feature of an embodiment of the present invention, there is provided a computer readable 
medium having embodied thereon a computer program for performing the method described above. 
[0012] According to another feature of an embodiment of the present invention, there is provided a wireless Local 
Area Network (LAN) system for guaranteeing users' anonymity comprising: a wireless access node arranged to create 
a plurality of temporary address sets, each of which corresponds to a unique Media Access Control (MAC) address of 
a wireless terminal, and use a temporary address selected from each temporary address set as a destination address; 
and at least one wireless terminal arranged to receive a temporary address set corresponding to a unique Media Access 
Control address thereof from among the plurality of temporary address sets created in the wireless access node, and 
use a temporary address selected from the received temporary address set as a source address. 
[0013] In the system above, the wireless access node may create the temporary address sets, each of which consists 
of N (where N is an integer greater than or equal to two) temporary addresses, preferably using for each address set 
the MAC address contained in an access or authentication request message transmitted from the corresponding wireless 
terminal. 

[0014] In the system above, the wireless access node preferably encodes the temporary address sets using a
predetermined encryption key for each address set, and respectively transmits the encoded temporary address sets to the
corresponding wireless terminals. Preferably, each encryption key is created upon authentication of the corresponding
wireless terminal.

[0015] In the system above, the wireless access node may include a first memory, which stores the plurality of temporary 
address sets, each of which consists of N (where N is an integer greater than or equal to two) random addresses and 
is created corresponding to a unique MAC address, a first MAC address filter, which filters a unique MAC address from 
a source address of a data packet received from a corresponding wireless terminal by referring to the temporary address 
sets stored in the first memory, a destination address generation unit, which enables a temporary address set
corresponding to the unique MAC address of the wireless terminal requesting authentication from among the temporary
address sets stored in the first memory, generates a first random selection signal, generates a temporary address 
randomly selected from the enabled temporary address set, and uses the temporary address as a destination address, 
and a first random selection unit which randomly selects a temporary address from the temporary address set enabled 
in the first memory according to the first random selection signal generated in the destination address generation unit, 
and outputs the selected temporary address to the destination address generation unit. 

[0016] The wireless terminal may include a second memory which receives a temporary address set from the wireless 
access node and stores the temporary address set corresponding to a unique MAC address of the wireless terminal, a 
second MAC address filter which determines whether a destination address of a data packet received from the wireless 
access node is included in the temporary address set by referring to the temporary address set stored in the second 
memory, and generates a receipt enable signal according to a determination result, a source address generation unit, 
which generates a second random selection signal according to a source address request signal, generates a temporary 
address randomly selected from the temporary address set stored in the second memory, and uses the temporary 
address as a source address, and a second random selection unit which randomly selects a temporary address from 
the temporary address set stored in the second memory according to the second random selection signal generated in 
the source address generation unit, and outputs the selected temporary address to the source address generation unit. 
[0017] The present invention thus provides a method for guaranteeing a user's anonymity in a wireless Local Area 
Network (LAN) system by using a temporary address randomly selected from a temporary address set that contains 
mapping to a Media Access Control (MAC) address as the source address or the destination address upon transmitting 
data packets between a wireless access node and wireless terminals. 

[0018] The present invention further provides a wireless LAN system for guaranteeing a user's anonymity by using a 
temporary address generated from a unique MAC address. 

[0019] The above and other features and advantages of the present invention will become more apparent to those of 
ordinary skill in the art by describing in detail preferred embodiments thereof with reference to the attached drawings in 
which: 

FIG. 1 illustrates a conceptual scheme showing the structure of a general wireless Local Area Network (LAN) system; 
FIG. 2 is a flow chart for describing a method of guaranteeing users' anonymity in a wireless LAN system according 
to a preferred embodiment of the present invention; 

FIG. 3 illustrates a view for describing an operation relationship between a wireless access node and wireless 
terminals; 

FIG. 4 is a block diagram showing a detailed structure of an addressing unit of the wireless access node in the 
wireless LAN system according to a preferred embodiment of the present invention; and 

FIG. 5 is a block diagram showing a detailed structure of an addressing unit of the wireless terminal in the wireless
LAN system according to a preferred embodiment of the present invention.

[0020] FIG. 2 is a flow chart for describing a method of guaranteeing users' anonymity in a wireless LAN system
according to an embodiment of the present invention. The method of guaranteeing users' anonymity includes access
step 21, authentication step 22, temporary address set generation step 23, temporary address set transmission step
24, and data packet transmission step 25. FIG. 3 illustrates a view for describing the operation relationship between a
wireless access node and wireless terminals. Signal transmissions between a wireless access node and a wireless
terminal in the above-mentioned steps are illustrated in FIG. 3.

[0021] Now, the steps shown in FIG. 2 will be described in connection with FIGS. 1 and 3. 

[0022] In the access step 21, if a first wireless terminal 13 requests access, access between the first wireless terminal
13 and a wireless access node 11 is performed. For performing this access, the first wireless terminal 13 transmits to
the wireless access node 11 an access request message Association_Req containing its own unique MAC address
MAC Addr1 as the source address (process 31 of FIG. 3). The wireless access node 11, which receives the access
request message Association_Req, tries to access the first wireless terminal 13. If this access succeeds, the wireless
access node 11 transmits to the first wireless terminal 13 an access success message Association_Resp containing
the unique MAC address MAC Addr1 of the first wireless terminal 13 as the destination address (process 32 of FIG. 3).

[0023] In the authentication step 22, if a first wireless terminal 13 requests authentication, the wireless access node
11 performs authentication of the first wireless terminal 13. For performing this authentication, the first wireless terminal
13 transmits to the wireless access node 11 an authentication request message Authentication_Req containing its own
unique MAC address MAC Addr1 as the source address (process 33 of FIG. 3). The wireless access node 11, which
receives the authentication request message Authentication_Req, performs an authentication of the first wireless terminal
13. If the authentication succeeds, the wireless access node 11 creates an encryption key. At this time, the wireless
access node 11 transmits to the first wireless terminal 13 the encryption key in the authentication success message
Authentication_Resp containing the unique MAC address MAC Addr1 of the first wireless terminal 13 as the destination
address (process 34 of FIG. 3).

[0024] In the temporary address set generation step 23, the wireless access node 11 randomly transforms the unique
MAC address MAC Addr1 of the first wireless terminal 13 contained in the authentication request message
Authentication_Req, and creates a temporary address set consisting of N temporary addresses corresponding to the unique MAC
address, wherein N is preferably an integer greater than or equal to two (process 35 of FIG. 3).

[0025] In the temporary address set transmission step 24, the temporary address set created in the wireless access
node 11 is encoded using the encryption key created in the authentication step 22, and then is transmitted to the first
wireless terminal 13 using the unique MAC address MAC Addr1 of the first wireless terminal 13 as the destination
address (process 36 of FIG. 3).

[0026] In the data packet transmission step 25, whenever data communication is performed between a first wireless
terminal 13 and wireless access node 11, a temporary address is randomly selected from a temporary address set and
assigned to the data packet as a source address or destination address. That is, when the first wireless terminal 13,
which receives an authentication success message Authentication_Resp and a temporary address set from the wireless
access node 11, tries to transmit a data packet PDU to the wireless access node 11, the first wireless terminal 13
addresses as the source address a temporary address, i.e., a first temporary address Taddr1, randomly selected from
the N temporary addresses in the temporary address set and transmits the data packet PDU (process 37 of FIG. 3). On
the other hand, when a data packet PDU is transmitted from the wireless access node 11 to the first wireless terminal
13, a temporary address, i.e., a third temporary address Taddr3, randomly selected from the N temporary addresses in
the temporary address set, is set as the destination address and the data packet PDU is transmitted (process 38 of FIG. 3).

[0027] FIG. 4 is a block diagram showing a detailed structure of an addressing unit 40 of the wireless access node
11 in the wireless LAN system of the present invention. The addressing unit 40 includes a memory 41, a MAC address
filter 43, a destination address generation unit 45, and a random selection unit 47, for addressing the destination addresses
used in the data packet transmission step (step 25) described with reference to FIG. 3.

[0028] Referring to FIG. 4 in addition to FIGS. 1-3, operations of the addressing unit 40 will now be described. After
a wireless access node 11 completes authentication of a first wireless terminal 13, a temporary address set, which
consists of N temporary addresses randomly created corresponding to a unique MAC address of the first wireless
terminal 13, is stored in memory 41. At this time, a temporary address set is created corresponding to a unique MAC
address for each wireless terminal requesting authentication and the temporary address sets are stored in the form of
a look up table in memory 41.

[0029] A MAC address filter 43 works together with memory 41 when a data packet is transmitted from the first wireless
terminal 13 to the wireless access node 11. The destination address generation unit 45 and the random selection unit
47 work together with memory 41 when a data packet is transmitted from the wireless access node 11 to the first wireless
terminal 13. Operations of these components will be described in detail as follows.

[0030] The MAC address filter 43 receives a source address (SA) extracted from the data packet transmitted from the
first wireless terminal 13, and attempts to discover a temporary address set including a temporary address matching
the source address by referring to the plurality of temporary address sets stored in memory 41. If the temporary address
set is found, a unique MAC address corresponding to the temporary address set is extracted and transmitted to any
layers requiring it.

[0031] The destination address generation unit 45 receives the unique MAC address of the first wireless terminal 13
obtained in the access/authentication steps, finds a temporary address set corresponding to the received unique MAC
address among the plurality of temporary address sets stored in memory 41, activates the found temporary address set,
and then outputs a random selection signal to a random selection unit 47.

[0032] The random selection unit 47 randomly selects a temporary address from the temporary address set activated
in memory 41, depending on the random selection signal, and outputs the selected temporary address to the destination
address generation unit 45. The destination address generation unit 45 sets the temporary address received from the
random selection unit 47 as the destination address (DA), and outputs the destination address (DA).

[0033] That is, whenever data packets are transmitted from the wireless access node 11 to the first wireless terminal
13, each data packet has a different destination address from the others. This applies equally to other wireless terminals
in a BSS (Basic Service Set).

[0034] FIG. 5 illustrates a block diagram showing a detailed structure of an addressing unit 50 of the first wireless
terminal 13 in the wireless LAN system according to the present invention. The addressing unit 50 includes a memory
51, a MAC address filter 53, a source address generation unit 55, and a random selection unit 57, for addressing the
source addresses used in the data packet transmission step 25 described with reference to FIG. 3.

[0035] Referring to FIG. 5 in addition to FIGS. 1-3, operations of the addressing unit 50 will now be described. Temporary
address sets transmitted from the wireless access node 11 are stored in the memory 51. Only one temporary address
set corresponding to a unique MAC address of the first wireless terminal 13 is stored in the memory 51.

[0036] The MAC address filter 53 works together with the memory 51 when a data packet is transmitted from the
wireless access node 11 to the first wireless terminal 13. The source address generation unit 55 and the random selection
unit 57 work together with memory 51 when a data packet is transmitted from the first wireless terminal 13 to the wireless
access node 11. Operations of these components will be described in detail as follows.

[0037] The MAC address filter 53 receives a destination address (DA) extracted from the data packet transmitted from
the wireless access node 11, determines whether a temporary address allocated to the destination address (DA) is
included in the temporary address set stored in memory 51, and outputs a receipt enable signal indicating receipt of the
data packet, according to the determination result. That is, the first wireless terminal 13 receives the data packet sent
from the wireless access node 11 when a temporary address allocated to the destination address (DA) is included in
the temporary address set stored in memory 51.

[0038] The source address generation unit 55 outputs a random selection signal to the random selection unit 57 when
receiving a source address request signal, in order to transmit a data packet from the first wireless terminal 13 to the
wireless access node 11. The random selection unit 57 randomly selects a temporary address from the temporary
address set stored in memory 51, according to the random selection signal, and outputs the selected temporary address
to the source address generation unit 55. The source address generation unit 55 sets the temporary address provided
from the random selection unit 57 as the source address (SA), and outputs the source address (SA) to the wireless
access node 11.

[0039] That is, whenever data packets are transmitted from the first wireless terminal 13 to the wireless access node
11, each data packet has a different source address from the others. This applies equally to all other wireless terminals
in a BSS.
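
The two addressing units of FIGS. 4 and 5 can be modelled as follows. This is an added example, not code from the patent. It assumes the temporary addresses are independent random 48-bit values (the text does not specify the random transformation), that they are unique across all terminals so that filter 43 can resolve them, and that the encrypted delivery of step 24 has already taken place; all class, function and sample address names are hypothetical.

```python
import secrets


def random_temp_address():
    """Random 48-bit address. Assumption (not in the text): the locally
    administered bit is set and the multicast bit cleared, so a temporary
    address can never equal a manufacturer-assigned unicast MAC."""
    raw = bytearray(secrets.token_bytes(6))
    raw[0] = (raw[0] | 0x02) & 0xFE
    return ":".join(f"{octet:02x}" for octet in raw)


class AccessNodeAddressing:
    """Addressing unit 40 of FIG. 4 (memory 41, filter 43, units 45 and 47)."""

    def __init__(self, n=4):
        if n < 2:
            raise ValueError("N must be an integer greater than or equal to two")
        self.n = n
        self.table = {}    # memory 41: unique MAC -> its temporary address set
        self.reverse = {}  # index used by filter 43: temporary address -> MAC

    def create_set(self, mac):
        """Step 23: build the set for a terminal that has just authenticated."""
        self.drop_set(mac)  # re-authentication replaces the old set
        addresses = []
        while len(addresses) < self.n:
            candidate = random_temp_address()
            # Assumption: a candidate already issued to any terminal is rejected,
            # otherwise filter 43 could not resolve it to a single MAC.
            if candidate in self.reverse:
                continue
            self.reverse[candidate] = mac
            addresses.append(candidate)
        self.table[mac] = addresses
        return list(addresses)

    def drop_set(self, mac):
        """Forget a terminal's set and its reverse-index entries."""
        for address in self.table.pop(mac, []):
            del self.reverse[address]

    def filter_source(self, source_address):
        """Filter 43: map a received SA to the unique MAC, or None if unknown."""
        return self.reverse.get(source_address)

    def destination_for(self, mac):
        """Units 45 and 47: random member of the terminal's set, used as DA."""
        return secrets.choice(self.table[mac])


class TerminalAddressing:
    """Addressing unit 50 of FIG. 5 (memory 51, filter 53, units 55 and 57)."""

    def __init__(self, mac):
        self.mac = mac
        self.temp_set = []  # memory 51

    def store_set(self, temp_set):
        """Step 24, after decryption (the encrypted transport is omitted here)."""
        self.temp_set = list(temp_set)

    def receipt_enable(self, destination_address):
        """Filter 53: accept a frame only if its DA belongs to the stored set.
        Until a set arrives, frames carry the unique MAC (processes 32, 34, 36)."""
        if not self.temp_set:
            return destination_address == self.mac
        return destination_address in self.temp_set

    def source_address(self):
        """Units 55 and 57: random member of the stored set, used as SA."""
        return secrets.choice(self.temp_set)


def simulate(packets=50):
    """Two terminals; `packets` frames in each direction for the first one."""
    node = AccessNodeAddressing(n=4)
    first = TerminalAddressing("00:11:22:33:44:01")   # constructed sample MACs
    second = TerminalAddressing("00:11:22:33:44:02")
    for terminal in (first, second):
        terminal.store_set(node.create_set(terminal.mac))
    uplink = [first.source_address() for _ in range(packets)]
    downlink = [node.destination_for(first.mac) for _ in range(packets)]
    return {
        "uplink_resolved": all(node.filter_source(sa) == first.mac for sa in uplink),
        "first_accepts": all(first.receipt_enable(da) for da in downlink),
        "second_accepts": any(second.receipt_enable(da) for da in downlink),
        "unique_mac_on_air": first.mac in uplink + downlink,
        "distinct_on_air": len(set(uplink + downlink)),
    }


if __name__ == "__main__":
    print(simulate())
```

Because each set holds only N addresses, random selection repeats values once more than N packets are sent; `distinct_on_air` never exceeds N in this model.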

[0040] The above-described preferred embodiments may be embodied as computer programs and may also be
embodied on a general-purpose digital computer for executing the computer programs using a computer readable medium.
The computer readable medium may include storage media such as magnetic storage media (e.g., ROM's, floppy discs,
hard discs, etc.), optically readable media (e.g., CDROMs, DVDs, etc.), and carrier waves (transmissions over the
Internet).

[0041] As described above, according to the present invention, it is possible to prevent a MAC address from being
exposed during data communication, thereby guaranteeing a user's anonymity, by using a temporary address selected
from a temporary address set that contains mappings to a unique MAC address. The temporary address is used as a
source address or a destination address upon data communication between a wireless access node and a wireless
terminal.

[0042] Also, by using a temporary address randomly selected from a temporary address set, it is possible to prevent
the leakage of private information and reduce the risk of attack by malicious users. The temporary address is used as
the source address or destination address upon data communication between a wireless access node and a wireless
terminal, so that whenever a data packet is transmitted, a different source address or a different destination address is
used.

[0043] Preferred embodiments of the present invention have been disclosed herein and, although specific terms are
employed, they are used and are to be interpreted in a generic and descriptive sense only and not for purpose of limitation.
Accordingly, it will be understood by those of ordinary skill in the art that various changes in form and details may be
made without departing from the scope of the present invention as set forth in the following claims.



Claims 

1. A method of guaranteeing users' anonymity in a wireless Local Area Network system, the method comprising:

creating a plurality of temporary address sets, each of which corresponds to a unique Media Access Control
address of a wireless terminal (13), and transmitting each temporary address set to the corresponding wireless
terminal (13); and

performing data packet transmissions between a wireless terminal (13) and a wireless access node (11) using
a temporary address selected from the temporary address set corresponding to the wireless terminal (13) as
a source address or a destination address.

2. The method as claimed in claim 1, wherein in the creating step, the wireless access node (11) creates the temporary
address sets, each of which consists of N, where N is an integer greater than or equal to two, temporary addresses,
using a Media Access Control address contained in an access or authentication request message transmitted from
a corresponding wireless terminal (13).

3. The method as claimed in claim 1 or 2, wherein in the creating step, the wireless access node (11) encodes the 
temporary address sets using a predetermined encryption key for each temporary address set, and respectively 
transmits the encoded temporary address sets to the corresponding wireless terminals (13). 

4. The method as claimed in claim 3, wherein each encryption key is created upon authentication of the corresponding 
wireless terminal (13). 

5. The method as claimed in any one of claims 1 to 4, wherein the performing step further comprises: 

a first addressing, which is performed in the wireless access node (11), and generates a temporary address as
a destination address randomly selected from the temporary address set corresponding to a wireless terminal
(13) that is requesting authentication.

6. The method as claimed in claim 5, wherein the performing step further comprises:

a second addressing, which is performed in the wireless terminal (13), and generates a temporary address as
a source address randomly selected from the temporary address set corresponding to the wireless terminal (13).

7. A computer readable medium having embodied thereon a computer program, comprising program means for
performing the steps of the method claimed in any claim of claims 1 through 6.

8. A wireless Local Area Network system for guaranteeing users' anonymity comprising: 

a wireless access node (11) arranged to create a plurality of temporary address sets, each of which corresponds
to a unique Media Access Control address of a wireless terminal (13), and use a temporary address selected
from each temporary address set as a destination address; and

at least one wireless terminal (13) arranged to receive a temporary address set corresponding to a unique Media
Access Control address thereof from among the plurality of temporary address sets created in the wireless
access node (11), and use a temporary address selected from the received temporary address set as a source
address.

9. The system as claimed in claim 8, wherein the wireless access node (11) is arranged to create the temporary address
sets, each of which consists of N, where N is an integer greater than or equal to two, temporary addresses, using
for each address set the MAC address contained in an access or authentication request message transmitted from
the corresponding wireless terminal (13).

10. The system as claimed in claim 8 or 9, wherein the wireless access node (11) is arranged to encode the temporary
address sets using a predetermined encryption key for each address set, and respectively transmit the encoded
temporary address sets to the corresponding wireless terminals (13).

11. The system as claimed in claim 10, wherein the wireless access node (11) is arranged to create each encryption
key upon authentication of the corresponding wireless terminal (13).

12. The system as claimed in any one of claims 8 to 11, wherein the wireless access node (11) comprises:

a first memory (41) for storing the plurality of temporary address sets, each of which consists of N, where N is 
an integer greater than or equal to two, random addresses, and is created corresponding to a unique Media 
Access Control address; 

a first Media Access Control address filter (43) for filtering a unique MAC address from a source address of a 
data packet received from a corresponding wireless terminal (13) by referring to the temporary address sets 
stored in the first memory (41); 

a destination address generation unit (45) for enabling a temporary address set corresponding to the unique 
Media Access Control address of the wireless terminal (13) requesting authentication from among the temporary 
address sets stored in the first memory (41), for generating a first random selection signal, for generating a 
temporary address randomly selected from the enabled temporary address set, and for using the temporary 
address as a destination address; and 

a first random selection unit (47) for randomly selecting a temporary address from the temporary address set 
enabled in the first memory according to the first random selection signal generated in the destination address 
generation unit (45), and for outputting the selected temporary address to the destination address generation 
unit (45). 

13. The system as claimed in any one of claims 8 to 12, wherein the wireless terminal (13) comprises: 

a second memory (51) for receiving a temporary address set from the wireless access node (11) and for storing
the temporary address set corresponding to a unique Media Access Control address of the wireless terminal (13);

a second Media Access Control address filter (53) for determining whether a destination address of a data
packet received from the wireless access node (11) is included in the temporary address set by referring to the
temporary address set stored in the second memory (51), and for generating a receipt enable signal according
to a determination result;

a source address generation unit (55) for generating a second random selection signal according to a source
address request signal, for generating a temporary address randomly selected from the temporary address set
stored in the second memory (51), and for using the temporary address as a source address; and

a second random selection unit (57) for randomly selecting a temporary address from the temporary address
set stored in the second memory according to the second random selection signal generated in the source
address generation unit (55), and for outputting the selected temporary address to the source address generation
unit (55).



Patent claims

1. A method for guaranteeing the anonymity of users in a wireless local area network (LAN) system,
the method comprising:

creating a plurality of temporary address sets, each of which corresponds to a unique media access control
address of a wireless terminal (13), and transmitting each temporary address set to
the corresponding wireless terminal (13); and

performing data packet transmissions between a wireless terminal (13) and a wireless
access node (11) using a temporary address, selected from the temporary address set
corresponding to the wireless terminal (13), as a source address or as a destination address.

2. The method according to claim 1, wherein in the creating step the wireless access node (11) creates temporary address sets,
each of which consists of N temporary addresses, where N is an integer greater than or equal to two,
using a media access control address contained in an access or authentication request message
transmitted from a corresponding wireless terminal (13).



3. The method as claimed in claim 1 or 2, wherein in the creating step the wireless access node (11) encodes the 
temporary address sets using a predetermined encryption key for each temporary address set and transmits the 
encoded temporary address sets to the corresponding wireless terminals (13), respectively. 

4. The method as claimed in claim 3, wherein each encryption key is created upon authentication of the 
corresponding wireless terminal (13). 

5. The method as claimed in any one of claims 1 to 4, wherein the performing step further comprises: 

a first addressing, which is performed in the wireless access node (11) and generates a temporary address as 
a destination address, randomly selected from the temporary address set corresponding to a wireless terminal 
(13) that requests authentication. 

6. The method as claimed in claim 5, wherein the performing step further comprises: 

a second addressing, which is performed in the wireless terminal (13) and generates a temporary address as 
a source address, randomly selected from the temporary address set corresponding to the wireless terminal (13). 

7. A computer-readable medium having embodied thereon a computer program comprising program means for 
performing the steps of the method claimed in any one of claims 1 to 6. 

8. A wireless local area network (LAN) system for guaranteeing the anonymity of users, comprising: 

a wireless access node (11) arranged to create a plurality of temporary address sets, each of which corresponds 
to a unique Media Access Control address of a wireless terminal (13), and to use a temporary address selected 
from each temporary address set as a destination address; and 

at least one wireless terminal (13) arranged to receive a temporary address set corresponding to a unique Media 
Access Control address from among the plurality of temporary addresses created in the wireless access node 
(11), and to use a temporary address selected from the received temporary address set as a source address. 

9. The system as claimed in claim 8, wherein the wireless access node (11) is arranged to create the temporary 
address sets, each of which consists of N temporary addresses, where N is an integer greater than or equal to two, 
using for each address set the MAC address contained in an access or authentication request message transmitted 
from the corresponding wireless terminal (13). 

10. The system as claimed in claim 8 or 9, wherein the wireless access node (11) is arranged to encode the 
temporary address sets using a predetermined encryption key for each address set and to transmit the encoded 
temporary address sets to the corresponding wireless terminals (13), respectively. 

11. The system as claimed in claim 10, wherein the wireless access node (11) is arranged to create each encryption 
key upon authentication of the corresponding wireless terminal (13). 

12. The system as claimed in any one of claims 8 to 11, wherein the wireless access node (11) comprises: 

a first memory (41) for storing the plurality of temporary address sets, each of which consists of N random 
addresses, where N is an integer greater than or equal to two, and is created corresponding to a unique Media 
Access Control address; 

a first Media Access Control address filter (43) for filtering a unique MAC address from a source address of a 
data packet received from a corresponding wireless terminal (13), by referring to the temporary address sets 
stored in the first memory (41); 

a destination address generation unit (45) for enabling a temporary address set corresponding to the unique 
Media Access Control address of the wireless terminal (13) that requests authentication, among the temporary 
address sets stored in the first memory (41), for generating a first random selection signal for generating a 
temporary address randomly selected from the enabled temporary address set, and for using the temporary 
address as a destination address; and 

a first random selection unit (47) for randomly selecting a temporary address from the temporary address set 
enabled in the first memory according to the first random selection signal generated in the destination address 
generation unit (45), and for outputting the selected temporary address to the destination address generation 
unit (45). 

13. The system as claimed in any one of claims 8 to 12, wherein the wireless terminal (13) comprises: 

a second memory (51) for receiving a temporary address set from the wireless access node (11) and for storing 
the temporary address set corresponding to a unique Media Access Control address of the wireless terminal (13); 

a second Media Access Control address filter (53) for determining whether a destination address of a data 
packet received from the wireless access node (11) is included in the temporary address set, by referring to the 
temporary address set stored in the second memory (51), and for generating a receipt enable signal according 
to a determination result; 

a source address generation unit (55) for generating a second random selection signal according to a source 
address request signal for generating a temporary address randomly selected from the temporary address set 
stored in the second memory (51), and for using the temporary address as a source address; and 

a second random selection unit (57) for randomly selecting a temporary address from the temporary address 
set stored in the second memory according to the second random selection signal generated in the source 
address generation unit (55), and for outputting the selected temporary address to the source address generation 
unit (55). 



Claims (from the French text) 

1. A method of guaranteeing the anonymity of users in a wireless local area network system, the method comprising: 

creating a plurality of temporary address sets, each of which corresponds to a unique Media Access Control 
(MAC) address of a wireless terminal (13), and transmitting each temporary address set to the corresponding 
wireless terminal (13); and 

performing data packet transmissions between a wireless terminal (13) and a wireless access node (11) using 
a temporary address selected from the temporary address set corresponding to the wireless terminal (13) as 
a source address or a destination address. 

2. The method as claimed in claim 1, wherein, in the creating step, the wireless access node (11) creates the 
temporary address sets, each of which consists of N temporary addresses, where N is an integer greater than or 
equal to two, using a Media Access Control address contained in an access or authentication request message 
transmitted from a corresponding wireless terminal (13). 

3. The method as claimed in any one of claims 1 or 2, wherein in the creating step the wireless access node (11) 
encodes the temporary address sets using a predetermined encryption key for each temporary address set, and 
transmits the encoded temporary address sets to the corresponding wireless terminals (13), respectively. 

4. The method as claimed in claim 3, wherein each encryption key is created upon authentication of the 
corresponding wireless terminal (13). 

5. The method as claimed in any one of claims 1 to 4, wherein the performing step further comprises: a first 
addressing which is performed in the wireless access node (11), and generates a temporary address as a destination 
address randomly selected from the temporary address set corresponding to a wireless terminal (13) that requests 
authentication. 

6. The method as claimed in claim 5, wherein the performing step further comprises: a second addressing which 
is performed in the wireless terminal (13), and generates a temporary address as a source address randomly 
selected from the temporary address set corresponding to the wireless terminal (13). 

7. A computer-readable medium having embodied thereon a computer program comprising program means for 
performing the steps of the method claimed in any one of claims 1 to 6. 

8. A wireless local area network system for guaranteeing the anonymity of users, comprising: 

a wireless access node (11) arranged to create a plurality of temporary address sets, each of which corresponds 
to a unique Media Access Control address of a wireless terminal (13), and to use a temporary address selected 
from each temporary address set as a destination address; and 

at least one wireless terminal (13) arranged to receive a temporary address set corresponding to a unique Media 
Access Control address thereof, from among the plurality of temporary address sets created in the wireless 
access node (11), and to use a temporary address selected from the received temporary address set as a 
source address. 

9. The system as claimed in claim 8, wherein the wireless access node (11) is arranged to create the temporary 
address sets, each of which consists of N temporary addresses, where N is an integer greater than or equal to two, 
using for each address set the MAC address contained in an access or authentication request message transmitted 
from a corresponding wireless terminal (13). 

10. The system as claimed in any one of claims 8 or 9, wherein the wireless access node (11) is arranged to encode 
the temporary address sets using a predetermined encryption key for each address set, and to transmit the encoded 
temporary address sets to the corresponding wireless terminals (13), respectively. 

11. The system as claimed in claim 10, wherein the wireless access node (11) is arranged to create each encryption 
key upon authentication of the corresponding wireless terminal (13). 

12. The system as claimed in any one of claims 8 to 11, wherein the wireless access node (11) comprises: 

a first memory (41) for storing the plurality of temporary address sets, each of which consists of N random 
addresses, where N is an integer greater than or equal to two, and is created corresponding to a unique Media 
Access Control address; 

a first Media Access Control address filter (43) for filtering a unique MAC address from a source address of a 
data packet received from a corresponding wireless terminal (13) by referring to the temporary address sets 
stored in the first memory (41); 

a destination address generation unit (45) for enabling a temporary address set corresponding to the unique 
Media Access Control address of the wireless terminal (13) that requests authentication from among the 
temporary address sets stored in the first memory (41), for generating a first random selection signal, for 
generating a temporary address randomly selected from the enabled temporary address set, and for using the 
temporary address as a destination address; and 

a first random selection unit (47) for randomly selecting a temporary address from the temporary address set 
enabled in the first memory according to the first random selection signal generated in the destination address 
generation unit (45), and for outputting the selected temporary address to the destination address generation 
unit (45). 

13. The system as claimed in any one of claims 8 to 12, wherein the wireless terminal (13) comprises: 

a second memory (51) for receiving a temporary address set from the wireless access node (11) and for storing 
the temporary address set corresponding to a unique Media Access Control address of the wireless terminal (13); 

a second Media Access Control address filter (53) for determining whether a destination address of a data 
packet received from the wireless access node (11) is included in the temporary address set by referring to the 
temporary address set stored in the second memory (51), and for generating a receipt enable signal according 
to the result of the determination; 

a source address generation unit (55) for generating a second random selection signal according to a source 
address request signal, for generating a temporary address randomly selected from the temporary address set 
stored in the second memory (51), and for using the temporary address as a source address; and 

a second random selection unit (57) for randomly selecting a temporary address from the temporary address 
set stored in the second memory according to the second random selection signal generated in the source 
address generation unit (55), and for outputting the selected temporary address to the source address generation 
unit (55). 